Analysis

  • max time kernel
    28s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    07-11-2024 19:47

General

  • Target

    ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk

  • Size

    2.5MB

  • MD5

    ac7458e2fa4fde4a6c8c3adc06a5f4b5

  • SHA1

    bd30371b52fbc067bc29017c9effe30bfbd5aa89

  • SHA256

    03ead8a86c4bfc846c7472972dceb853bd06bbb4c65f967a7b712e022dbad6a6

  • SHA512

    dcfb2141ea62d75b02cd3060ce39c5190d22fda717e7c0740376655b7ad41861e3131167d83d7ad817e9f1419e653cdf140af0cc9d3c55f21c189f818e20cf25

  • SSDEEP

    49152:FxOZOK5Q+q+XQvqqztSxliDImn66oiGDXpNpd2ZrB8HEj2Qo:oP5bbq4mn6hPBd2ZrBcEj1o

Malware Config

Signatures

Processes

  • COM.TUUURAHIDDENS
    • Obtains sensitive information copied to the device clipboard
    • Reads the content of SMS inbox messages.
    • Acquires the wake lock
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5040

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/COM.TUUURAHIDDENS/databases/com.google.android.datatransport.events

    Filesize

    56KB

    MD5

    bb813a96a4cf2f50e1386f8d8104863b

    SHA1

    395ae04d656b33628d85449d86cf2c3eff3f6723

    SHA256

    91d62e613e00ccd376f72c5d929a63a8389adfce429fe5008e0c074263015bfe

    SHA512

    73405dd01f55daf8678b7952b07eb7fd643e37952bf7f4fe94d57a8a3890a1608db4c3eb883cdb35d4137e99a77fa98cae5f7ff3ebdeac6d27fc2b437441d04f

  • /data/data/COM.TUUURAHIDDENS/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

    MD5

    99f3868ff13db2114d909dcc5f175ae7

    SHA1

    9ccf8cad8afadd068f518c22e81fc7ec12291816

    SHA256

    61db98927489fff84a5714ded47bb510e8b96c644606e602d66d3402e44c593d

    SHA512

    e8d51d3bb77a3b1fe992104328a96aa19515ef63c64f405bf7791333d74e8ed478ee911a3371ccee25fa3e4a031ce70b259cc9f14b6a252aa56206a4233fcda9

  • /data/data/COM.TUUURAHIDDENS/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

    MD5

    6c93629fb92e795d90e6162aab554114

    SHA1

    65b6f054b6f7b7a6e9f5807775464b6b7e35c791

    SHA256

    845f508ab2bd99d5f703b9a9d07c98bb94250a889152046622c2969b98ad3c7f

    SHA512

    ea77c8487367d87237d2a47e6f5981f96c2ca790ed292e383c6e594ac4b6c4a19bad32bab769186f705806a448f4e72b8589c1c02f31068b23ae539dc334e20d

  • /data/data/COM.TUUURAHIDDENS/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

    MD5

    5fa39728112f1720bc5b296e7f6266ad

    SHA1

    ece6ef4fa2e84de57b23b827f06b79b2d253603d

    SHA256

    23a3b7d06f4017f97ae8828f84e8eca5e30e97f2a93bb981443bc29db205ad1b

    SHA512

    067f4998aa0e51685d696de0947df9c7b755df37c1566a5eb9be0383a3399b058783349f0231a8be234e7b7026e837f1e87fd6b742dfd92d37b36e9995aec7f7

  • /data/data/COM.TUUURAHIDDENS/files/PersistedInstallation3127278327162838754tmp

    Filesize

    569B

    MD5

    f27439d1204c16250f5acd44418dfafd

    SHA1

    6c11d2d48f54e9e6093d4c40a30553951e855981

    SHA256

    40fb6dfdeb095e955381b8262c0ea98ffe2badb34307f312a87e914cb987a259

    SHA512

    f01a688d5071c0db0da95eeca9324bec595bb30884a41cfb7eb598d78824dc94e97ab40da72b91d8e007355b77cec27afa7d3bb67071ff5330e18bd75dacd746

  • /data/data/COM.TUUURAHIDDENS/files/PersistedInstallation6521582845081741760tmp

    Filesize

    90B

    MD5

    c9de80c4528d9d69ba939f170583d5ae

    SHA1

    c4d07f4b185bc29e6bf5d5598c56c53254bbc8f4

    SHA256

    36a10b74716ad1836510c33b03c867870a929ded3e37e4298668d122c61d0af8

    SHA512

    72505e0c01591264650baa212ba777259cddc7dde3c6df1943e7d901c4ba0e70084c86cff02d4d6488c0a6f7d70ff17191b1dda8dd91cb84ee4f66cff8f73ea1

  • /data/data/COM.TUUURAHIDDENS/no_backup/androidx.work.workdb

    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/COM.TUUURAHIDDENS/no_backup/androidx.work.workdb-journal

    Filesize

    512B

    MD5

    0871084c85c459a90b090a2ddd2ceb85

    SHA1

    9a2720295484109ea5e1f65651b4150ec926c7cf

    SHA256

    ff06c24a771d50b522015420e8a048f65b9a292b4a9662dbe70aba36ac903485

    SHA512

    7464c24edbc7e2647f1c4a80eda3bcc916727bc4e80c73099ad88a065cc17690f52cce2da4a68be45c604ec061a7b53b1e7f420c962ec2f74116986656bad899

  • /data/data/COM.TUUURAHIDDENS/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

  • /data/data/COM.TUUURAHIDDENS/no_backup/androidx.work.workdb-wal

    Filesize

    108KB

    MD5

    a0f501d60a1f37e326fec6942bb1d3f8

    SHA1

    146e43a49b165a254791da70f03d7fc74da6eff4

    SHA256

    68a6d89144b9f6e86518a8a8a77b617637b6d8c7ed174b50470add4363b0fe31

    SHA512

    b7823a7900ac94976f7c0fcc69e66ee2fbb0b3ab18ecd8cc30acc5e386e15493fe987dc43409d2e7fa80963184fcfbfa7b317ee9b01b19817200de26b7ed476d

  • /data/data/COM.TUUURAHIDDENS/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

    MD5

    64985a25b7905a162f345dc0b55737f0

    SHA1

    5590584610d01e77bdd5cc83435f4053489b6644

    SHA256

    5cf60464f0a27bc6da6a56885ae6f321aea05162ee6ce0a2779846166f1fd020

    SHA512

    d9e88357af6985a54948f4006cd51801830ac7ba3092b79b23996fde2127f3a15cfb515f91094f0fe66d31570b7417428f74e89587cea5204f563c1af927a197